<?
session_start();

include('./../config/db_settings.php');
include('pms_inc.php');

$user = $_SESSION[$settings['session_prefix'].'user_id'];
//echo '$user:'.$user;
?>
<html>
<head>
<title>Private Message Center</title>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<link rel="stylesheet" type="text/css"
	href="../templates/<? echo $settings['template'] ?>/style_lp.css"
	media="all" />
<style type="text/css">
a:link {
	text-decoration: underline;
}

a.msg:link {
	text-decoration: none;
	color: #98bf21;
	background-color: transparent
}

a.msg:visited {
	text-decoration: none;
	color: #98bf21;
	background-color: transparent
}

a.msg:hover {
	text-decoration: underline;
	color: #98bf21;
	background-color: transparent
}

a.msg:active {
	text-decoration: none;
	color: #98bf21;
	background-color: transparent
}
</style>
<script src="../js/google.js" type="text/javascript"></script>
<script type="text/javascript">
function del_confirm()
{
var r=confirm("Are you sure you want to delete this message permanently?");
if (r==true)
  {
  document.forms['frm_1'].action="delete.php";
  return true;
  }
else
  {
  return false;
  }
}
function backup()
{
  document.forms['frm_1'].action="backup.php";
  return true;
}
</script>
</head>
<body>
<?
//Are they logged in or not?
if(!$user)
{
	echo "<br><p>You aren't logged in. Please log in first.</p><br>";
}

else
{
	//We need to grab the msg_id variable from the URL.
	$msg_id = $_REQUEST['msg_id'];

	//Get all of the information about the message with and id number of the one sent through the URL
	$view_msg = mysql_query("SELECT a.*, b.user_name sender, c.user_name receiver FROM ".$db_settings['messages_table']." a
        join ".$db_settings['userdata_table']." b on a.sender_id=b.user_id 
        join ".$db_settings['userdata_table']." c on a.receiver_id=c.user_id 
        WHERE a.id = '$msg_id'");
	$msg = mysql_fetch_array($view_msg);

	$receiver_id = $msg['receiver_id'];
	$sender = htmlspecialchars(stripslashes($msg['sender']));
	$receiver = htmlspecialchars(stripslashes($msg['receiver']));
	$sender_id = $msg['sender_id'];
	$subject = nl2br(htmlspecialchars(stripslashes(base64_decode($msg['subject']))));
	$message = nl2br(htmlspecialchars(stripslashes(base64_decode($msg['message']))));
	$pm_ts = $msg['pm_ts'];
	$received = $msg['received'];

	//if the sender wants to review this msg, everything is still ok
	if($sender_id == $user)
	{
		//Get your private message count
		$sql = mysql_query ("SELECT count(*) pm_count FROM ".$db_settings['messages_table']." WHERE sender_id='$user' and received in (0,1,4,5)");
		$row = mysql_fetch_array ($sql);
		$pm_count = $row['pm_count'];

		$percent = $pm_count/$limit;
		$percent = $percent * '100';
		
		$sql = mysql_query ("SELECT count(*) new_count FROM ".$db_settings['messages_table']." WHERE receiver_id='$user' and (received = 0 or received =2)");
		$row = mysql_fetch_array ($sql);
		$totalNew = $row['new_count'];

		//Now we will display the little navigation thing, the fullness of the inbox, then display message information stuff, like who its from, the subject, and the body
		?>
<br>
<center><b><a href="inbox.php">收件箱</a> | <a href="compose.php">Compose</a>
| <a href="sent.php">发件箱</a></b><br />
<b>发件箱: <? echo "$pm_count"." of "."$limit"." Total  |  "."$percent"."% full"; ?></b></center>
<br>
<?
		if(!empty($totalNew)){
		?>
<div style="padding: 0px 0px 0px 10px;color:red;">		
<p>You have <? echo $totalNew;?> new message(s).</p>
</div>
 <?php
}
 ?>
		<?php
		$is_backup = $_REQUEST['backup'];
		if($is_backup>0){
			?>
<p><b>&nbsp;&nbsp;&nbsp;The message has been sent to your email!</b></p>
<br>
			<?php
		}
		?>
<div id="tbl" style="padding: 0px 0px 0px 10px">
<table width="80%">
	<tr>
		<td align="left"><?php
		//Get previous msg id
		$sql="SELECT id FROM ".$db_settings['messages_table']." WHERE id < '$msg_id' and sender_id='$user' and received in (0,1,4,5) order by id DESC limit 1";
		$prev_msg = mysql_query($sql);
		$prevmsg = mysql_fetch_array($prev_msg);
		$previd = $prevmsg['id'];
		if(!empty($previd)){
			?><a class="msg" href="viewsentmsg.php?msg_id=<?php echo $previd; ?>">&laquo;
		Previous</a> <?php } ?></td>
		<td align="left"><?php
		//Get next msg id
		$sql="SELECT id FROM ".$db_settings['messages_table']." WHERE id > '$msg_id' and sender_id='$user' and received in (0,1,4,5) order by id limit 1";
		$next_msg = mysql_query($sql);
		$nextmsg = mysql_fetch_array($next_msg);
		$nextid = $nextmsg['id'];
		if(!empty($nextid)){
			?><a class="msg" href="viewsentmsg.php?msg_id=<?php echo $nextid; ?>">Next
		Message &raquo;</a> <?php } ?></td>
	</tr>
	<tr>
		<td width="120px">
		<p>From:</p>
		</td>
		<td width="">
		<p><? echo $sender; ?></p>
		</td>
	</tr>

	<tr>
		<td width="120px">
		<p>To:</p>
		</td>
		<td width="">
		<p><a
			href="<? echo "../index.php?mode=user&show_user=$receiver_id"; ?>"
			target="htkou_showuser"><? echo $receiver; ?></a></p>
		</td>
	</tr>

	<tr>
		<td width="120px">
		<p>Time:</p>
		</td>
		<td width="">
		<p><? echo $pm_ts; ?></p>
		</td>
	</tr>

	<tr>
		<td width="120px" valign="top">
		<p>Subject:</p>
		</td>
		<td width="">
		<p><? echo $subject; ?></p>
		</td>
	</tr>

	<tr>
		<td width="120px" valign="top">
		<p>Message Body:</p>
		</td>
		<td width="">
		<p><? echo $message; ?></p>
		</td>
	</tr>
	<tr>
		<td colspan="2">&nbsp;</td>
	</tr>
	<tr>
		<td colspan="2">
		<form name="frm_1" id="frm_1" action="compose.php" method="get"><input
			type="hidden" name="msg_id" value="<? echo $msg_id ?>">
			<input type="hidden" name="sender_id" value="<? echo $user ?>">
		&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <input
			type="submit" value="Delete" onclick="return del_confirm()">
		&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <input
			type="submit" value="BackupToEmail" onclick="return backup()"></form>
		</td>
	</tr>
</table>
</div>
			<?
	}
	//Everything is not good, someone tried to look at somone else's private message
	else
	{
		?>
<p>It appears you are trying to view someone else's private message.
Please view your own private messages, or go away.</p>
		<?
	}
}
?>
</body>
</html>
